Fedoraproject

Fedora

5326 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2016-7947

  • EPSS 3.16%
  • Veröffentlicht 13.12.2016 20:59:12
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.

7.5

CVE-2016-7946

  • EPSS 1.08%
  • Veröffentlicht 13.12.2016 20:59:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields.

7.5

CVE-2016-7945

  • EPSS 1.22%
  • Veröffentlicht 13.12.2016 20:59:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields.

9.8

CVE-2016-7944

  • EPSS 0.6%
  • Veröffentlicht 13.12.2016 20:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.

9.8

CVE-2016-7943

  • EPSS 4.71%
  • Veröffentlicht 13.12.2016 20:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations.

9.8

CVE-2016-7942

  • EPSS 3.16%
  • Veröffentlicht 13.12.2016 20:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations.

9.8

CVE-2016-5407

  • EPSS 2.12%
  • Veröffentlicht 13.12.2016 20:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXv before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data.

8.1

CVE-2016-9014

  • EPSS 4.31%
  • Veröffentlicht 09.12.2016 20:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOS...

9.8

CVE-2016-9013

  • EPSS 2.4%
  • Veröffentlicht 09.12.2016 20:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the da...

7.8

CVE-2016-1247

Exploit
  • EPSS 8.59%
  • Veröffentlicht 29.11.2016 17:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6-1ubuntu3.6 on Ubuntu 14.04 LTS, before 1.10.0-0ubuntu0.16.04.3 on Ubuntu 16.04 LTS, and before 1.10.1-0ubuntu1.1 on Ubuntu 16.10, and the nginx ebuild before 1....